“Phishing” is the industry term for emails asking you to connect to a website to enter your security information, such as your username & password. They frequently appear to be from someone you know, or a reputable company warning you that your account is at risk. For example, a common phishing scam involves an email warning you that “Your banking information may have been compromised, please click here to update your account password to avoid account closure.” They simply toss the emails onto the net, and hope someone bites: hence phishing.
A new round of phishing emails purporting to be related to Google’s Gmail accounts are currently making the rounds, so here’s a few handy tips to avoid falling victims to such scams:
- Most reputable companies never email links to update passwords, since most reputable companies are well aware of phishing attempts, so your first impulse should always be to assume it is not a legitimate email. Barring that:
- If you receive an email asking you to update ANY information for a reputable site you use, NEVER CLICK the emailed links. Simply open up the website via a bookmark or app (or however you normally access that website) and check to see if there’s any system notifications for you.
- If you would like additional confirmation, do not reply to the email for confirmation. Go to the website, and use their contact form, or their official email address, or call technical support for the company, and ask for conformation.
- If the message is coming from an email address for someone you know, please notify that individual via a different contact method (eg: phone, facebook, twitter). If their email address has been compromised, simply replying to their email will not work.
The individuals perpetrating phishing scams have very little to lose, since it only takes a few bites for them to make it profitable. Avoiding being one of those bites is easy by following the simple steps above.